// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-newsDTG 0600Z
ColdRecon / Breach Radar / South Korean MSP (unnamed)
Breach Record

South Korean MSP (unnamed)

DISCLOSED 2025-11-26 · RANSOMWARE · RANSOMWARE

The Qilin ransomware group breached an unnamed South Korean managed service provider (MSP) and used the access to steal data from 28 of its clients. The stolen data was published on a leak site dubbed 'Korean Leaks'. The attack highlights supply chain risks where compromising an MSP can cascade to multiple victims.

The record

What we know

Disclosed
2025-11-26
Attack vector
Ransomware
Sector
IT Services (MSP)
Country
South Korea
RANSOMWARE ENDPOINT INVOLVED
Sources

Cited reporting

Similar vector · recent

Other ransomware breaches on file

This page is the permanent ColdRecon entry for the South Korean MSP (unnamed) disclosure. It updates if new public reporting emerges. All tracked breaches →

South Korean MSP (unnamed) just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →